Using Values Returned From Forms in Your PHP Scripts

You've seen all manner of controls, and how PHP handles
their contents, but you still haven't done anything practical with the contents
other than to dump them into another Web page. Admittedly, without any of the
features that you'll learn, manipulating the
contents of variables is hard. However, you learned about mathematical and
string operators in the last chapter and you can combine that knowledge with
concepts presented in this chapter.

In the last example in this chapter, you'll create a loan
application form that asks for the amount of money that a user wants to borrow,
and calculates the amount of money that a fictional bank called NAMLLU can offer
that person based on his age and salary. You give the user a simple yes or no
answer at the end of the calculation.

Although the program's loan calculation acceptance formula might
seem complex, it's really quite straightforward (and isn't based on any
company's formula). The loan amount for a person is calculated using three
numbers, as follows:

Salary Allowance variable: The user's annual salary divided
by 5.

Age Allowance variable: The user's age divided by 10; round
the result down to the nearest whole number; and then subtract one.

Loan Allowance variable: The Salary Allowance variable
multiplied by the Age Allowance variable.

The Age Allowance variable automatically excludes anyone who is
younger than 20, because the formula always returns a zero, and anything
multiplied by zero is zero. Here's an example of figuring the Loan Allowance
variable for a 19-year-old, where First figure is the
Salary Allowance variable:

First figure * ((19/10 - (19 Modulus 10)/10) - 1)

Remember that the Modulus operator is
used to return the remainder from a division sum. This calculation works out
to:

First figure * ((1.9 - 0.9) - 1)

which works out to:

First figure * 0

For any age under 20, the Loan Allowance variable always returns
zero because no matter what the Salary Allowance variable is, when multiplied by
a zero, it returns zero.

Here's another example of how this works: A 57-year-old user whose
annual salary is $50,000 applies for a loan through your loan application
form.

If the Loan Allowance variable is more than the amount the person
wants to borrow, you say yes; otherwise, you say no.

Try It Out: The Loan Application Form

This program needs two pages (and nearly all of the controls
introduced in this chapter). The first page takes the loan details from which
you get the person's first name, second name, age, address, salary, and the
amount he wants to borrow. The second page, the PHP page, does the calculation
for you and delivers a verdict.

You'll have earned a break after examining these two
programs. Although the first is lengthy, it isn't doing anything out of the
ordinary, and certainly nothing you haven't already encountered in this chapter.
The loan form (loan.html) contains eight controls. The
first three are all text fields, used for accepting the first name, last name,
and age of the applicant:

You can't actually store a range as a value, so instead, the
lowest value in the range is assigned as a particular value to each radio
button. This creates just one PHP variable, $_POST['Salary'], which holds the value associated with
whichever range has been selected by the user. If no range has been
selected, the radio button returns no value. Notice that the first value is set
to zero, and as before this zero in the formula ensures that anybody with a
salary of less than $10,000 is automatically refused a loan. (I'm a bit
mercenary!)

The submit button utilizes the action attribute that was set at the top of the form, so it
knows where to send the form:

<form method="POST" action="loan.php">

As you see, the first program stores and transmits the information
in the form, but it's the second program, loan.php,
that takes these values and performs some simple operations on them to approve
or reject the loan claim. The first line creates a new variable, the Salary
Allowance, which is the user's salary divided by five:

$SalaryAllowance = $_POST['Salary']/5;

The second line calculates the more complex Age Allowance formula,
which you want to return a whole number, based on the user's age divided by 10.
If there is any remainder left over from the division, you remove it by rounding
the answer downward to the nearest whole number. Use the modulus operator on the
user's age to calculate that remainder. Subtract one from the result to get
the variable, as explained earlier. The formula returns a 0 if the user
enters his age as a value between 0 and 19, a 1 if the age supplied is a value
between 20 and 29, a 2 if the age supplied is a value between 30 and 39, and
so on. The result of this calculation is stored in the new $AgeAllowance variable:

$AgeAllowance = ($_POST['Age']/10 - ($_POST['Age']%10)/10)-1;

Fortunately, the next line is much simpler. It takes the two
figures just calculated, multiplies them together, and stores the result in a new
variable, $LoanAllowance, which is the final figure for
how large a loan the user is allowed to take out.

$LoanAllowance = $SalaryAllowance * $AgeAllowance;

The next two lines just echo() a
confirmation on the Web page of the amount supplied by the user for the loan he
wants, and the amount of loan that you will allow:

The next two lines use the <= (less than or equals) operator,
which enables you to make a decision based on the information you've been given.
The operator determines whether the loan amount requested by the user is less
than or equal to the amount that you (the bank) will allow. If it is, you
display a message on the Web page saying that you're delighted to accept the
application. So don't worry; it's
covered briefly here.

The display message is also personalized with the names the user
provided on the form:

The final line of PHP script handles the rejection situation, where
the amount the user wants to borrow exceeds the amount the bank will authorize.
It displays a message saying that the application is rejected.

That's all there is to these programs. Oh, one tiny little
detail: the nature of the information in a real-life application is sensitive,
so use the POST method to transmit it. Remember, POST is only more discreet: it
keeps the values out of the URL, but they still cross the network unencrypted, so
hackers can just as easily hijack information sent via this method. For real
security, use an SSL (TLS) certificate to encrypt communications between the user
and the Web server.

Possible Improvements to the Form

Of course, the form isn't perfect; indeed if you try hard
enough, you can break it, or cause it to display illogical values. That's
because there's no kind of validation performed on the
values received from the user. What's to stop a user supplying a totally
erroneous value for his age such as 965? You know it can't be true, but you
can't stop it. You'll examine ways of tightening this
up, by checking the values and allowing only those within a certain range, or
even checking that the user has actually supplied a value, but that's enough for
now.
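
The checks described above, as an added example that is not part of the original chapter: the loan.php calculation wrapped in server-side validation, run here against constructed submissions. The FirstName and Loan field names, the 0 to 120 age range and the list of salary values are assumptions; the page itself shows only the Age and Salary fields.

```php
<?php
// Added example, not the book's loan.php. FirstName/Loan field names, the
// 0-120 age range and the salary list are assumptions for illustration.
const SALARY_VALUES = [0, 10000, 25000, 50000]; // assumed radio-button values

function assessLoan(array $post): array
{
    // Whole numbers only: rejects missing fields, "abc", "25.5" and 965.
    $age = filter_var($post['Age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 120]]);
    $salary = filter_var($post['Salary'] ?? null, FILTER_VALIDATE_INT);
    $loan = filter_var($post['Loan'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);

    $errors = [];
    if ($age === false) { $errors[] = 'Age must be a whole number from 0 to 120.'; }
    // A radio button can only send one of the values the form defines.
    if ($salary === false || !in_array($salary, SALARY_VALUES, true)) {
        $errors[] = 'Select one of the salary ranges.';
    }
    if ($loan === false) { $errors[] = 'Loan amount must be a positive whole number.'; }
    if ($errors) {
        return ['ok' => false, 'errors' => $errors];
    }

    // The page's formula; intdiv() rounds down in place of the modulus step,
    // and max() stops ages under 10 from producing a negative allowance.
    $salaryAllowance = $salary / 5;
    $ageAllowance = max(0, intdiv($age, 10) - 1);
    $loanAllowance = $salaryAllowance * $ageAllowance;
    return ['ok' => true, 'allowance' => $loanAllowance,
            'approved' => $loan <= $loanAllowance];
}

// Constructed sample submissions, shaped like $_POST.
$samples = [
    ['FirstName' => 'Ann', 'Age' => '57', 'Salary' => '50000', 'Loan' => '35000'],
    ['FirstName' => 'Bob', 'Age' => '19', 'Salary' => '50000', 'Loan' => '1000'],
    ['FirstName' => '<b>Eve</b>', 'Age' => '965', 'Salary' => '7', 'Loan' => ''],
];
foreach ($samples as $post) {
    // Names are echoed into the page, so escape them for HTML first.
    $name = htmlspecialchars($post['FirstName'], ENT_QUOTES, 'UTF-8');
    $r = assessLoan($post);
    echo $name . ': ' . ($r['ok']
        ? ($r['approved'] ? 'accepted' : 'declined') . ", allowance {$r['allowance']}"
        : implode(' ', $r['errors'])) . "\n";
}
```

Checking the salary against the list of values the form defines matters because a radio button limits only what the browser offers; anyone can post a different number directly to loan.php.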